I agree to TechTarget’s Terms of Use, Privacy Policy, and the transfer of my information to the United States for processing to provide me with relevant information as described in our Privacy Policy.

Please check the box if you want to proceed.

I agree to my information being processed by TechTarget and its Partners to contact me via phone, email, or other means regarding information relevant to my professional interests. I may unsubscribe at any time.

Please check the box if you want to proceed.

By submitting my Email address I confirm that I have read and accepted the Terms of Use and Declaration of Consent.

needs these certificates for the proper operation of many of its functions and you should not remove or revoke them.

These are the root certificates and their functions:

Microsoft Root Authority: Used for many low-level functions that require certificate operations.Microsoft Timestamp Root: Used for time-stamping operations.Microsoft Authenticode Root: Used for sending secure email and signing code.

There are also two certificates by VeriSign that are used for time stamping and code publishing, and they should not be deleted either.

One thing you may notice is that the dates on the certificates listed above have expired. This is normal, because the certificates are needed for backwards compatibility -- if something was signed with that certificate once upon a time, the same certificate needs to be present to validate the signed object. The certificate may be expired, but as long as it wasn't explicitly revoked, then it's still good for validating anything that was signed when it was still in use.

Microsoft Update may routinely publish new root certificates or updates to existing ones, under the name "Root Certificate Update." These new root certificates do not replace the old ones completely for the above reasons.

Among the problems that may take place if you delete a Root Certificate: if you delete the Verisign Time Stamping certificate, Windows File Protection may be damaged and will not start. The only way to fix this is to find another Windows 2000 computer, export that machine's root certificates, and import them into the damaged computer. The procedures for exporting and importing certificates are described in Microsoft Knowledge Base article Q320878.

0 comments

Register

Login

Forgot your password?

Your password has been sent to:

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy